Wireless Access

Reply
Highlighted
New Contributor

How RAP connect to Controller behind Fortigate that already site2site to another Fortegate?

Q : I have a RAP wanna connect to the controller that behind Fortinet Firewall,
but the Fortinet already Site to Site with another Fortinet,
means already used UDP 500 & 4500.

Can i using RAP with non-standard port ?

RAP < WAN > {Fortigate(with Controller)} << Site 2 Site (UDP 500 & 4500) >> Fortigate

 

 


Accepted Solutions
Highlighted
Super Contributor II

Re: How RAP connect to Controller behind Fortigate that already site2site to another Fortegate?

If the site to site VPN between fortigates are using those ports over the Internet, and you're trying to connect a RAP to a controller through that tunnel, that should work no problem.

 

If you're connecting the RAP over the internet to a firewall thats using its Public L3 interface for the tunnel to the other firewall, then you should NAT the Controller IP to another Public L3 address on the firewall. That should work.

 

 

Dustin Burns
Senior Mobility and Access Engineer @WEI
ACMX #509 | ACCX #1272 | ACSA | ACDA | ACEA | CCNP | CCDP | CCNA Wireless

If my post address your queries, give kudos and accept as solution!

View solution in original post


All Replies
Highlighted
Super Contributor II

Re: How RAP connect to Controller behind Fortigate that already site2site to another Fortegate?

If the site to site VPN between fortigates are using those ports over the Internet, and you're trying to connect a RAP to a controller through that tunnel, that should work no problem.

 

If you're connecting the RAP over the internet to a firewall thats using its Public L3 interface for the tunnel to the other firewall, then you should NAT the Controller IP to another Public L3 address on the firewall. That should work.

 

 

Dustin Burns
Senior Mobility and Access Engineer @WEI
ACMX #509 | ACCX #1272 | ACSA | ACDA | ACEA | CCNP | CCDP | CCNA Wireless

If my post address your queries, give kudos and accept as solution!

View solution in original post

Highlighted
New Contributor

Re: How RAP connect to Controller behind Fortigate that already site2site to another Fortegate?

Thanks for the reply.

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: